Certificate problem

hi ,
i have a prolem when connecting searchguard and elasticsearch.
the problem is
Search Guard Admin v7
Will connect to localhost:9300 … done
Connected as CN=localhost,OU=CE,O=CE,DC=Circular Edge,DC=com
ERR: CN=localhost,OU=CE,O=CE,DC=Circular Edge,DC=com is not an admin user
Seems you use a node certificate. This is not permitted, you have to use a client certificate and register it as admin_dn in elasticsearch.yml

how to solve this?
I attached .yml files with this
elasticsearch.yml (3.5 KB)

It seems that when you use sgadmin to make configuration changes you have specified a node certificate, not an admin certificate. For security reasons, you cannot use a node certificate with sgadmin.

In your elasticsearch.yml you have configured one node certificate:

- CN=localhost,OU=CE,O=CE,DC=Circular Edge,DC=com

and two admin certificates:

- CN=spock.com,OU=CE,O=CE,DC=Circular Edge,DC=com
- CN=kirk.com,OU=CE,O=CE,DC=Circular Edge,DC=com

Please use either the spock or kirk certificate with sgadmin.

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.